STEP 4.5 extracts the archetype's "Implications" (Surface sécurité) and "Typical pain points" sections into .onboard-audit/archetype-context.md. STEP 6 cso dispatch reads it and filters checks per category: web vulns (XSS/SQLi/CORS/CSP/CSRF/HTTPS) only on framework/api/ecommerce/cms, embedded-specific checks (buffer overflow, secure boot, JTAG, OTA sig) only on embedded; library/cli/infra/data-science/desktop each get their own focused section. Previously the fallback prompt searched for web vulnerabilities even on firmware projects. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| SKILL.md | ||